<?php

    define( 'USAGE_PRIV', 0x1 );
    define( 'CREATE_PRIV', 0x2 );
    define( 'DROP_PRIV', 0x4 );
    define( 'ALTER_PRIV', 0x8 );
    define( 'DELETE_PRIV', 0x10 );
    define( 'INDEX_PRIV', 0x20 );
    define( 'INSERT_PRIV', 0x40 );
    define( 'SELECT_PRIV', 0x80 );
    define( 'UPDATE_PRIV', 0x100 );
    define( 'ALL_PRIV', USAGE_PRIV | CREATE_PRIV | DROP_PRIV | ALTER_PRIV | DELETE_PRIV | INDEX_PRIV | INSERT_PRIV | SELECT_PRIV | UPDATE_PRIV );

    function privileges_text2constant( $text ) {
        // mysql privileges
        $privileges = array(
            'USAGE' => USAGE_PRIV,
            'CREATE' => CREATE_PRIV,
            'DROP' => DROP_PRIV,
            // 'GRANT OPTION' => GRANT_OPTION_PRIV,
            // 'REFERENCES' => REFERENCES_PRIV,
            // 'EVENT' => EVENT_PRIV,
            'ALTER' => ALTER_PRIV,
            'DELETE' => DELETE_PRIV,
            'INDEX' => INDEX_PRIV,
            'INSERT' => INSERT_PRIV,
            'SELECT' => SELECT_PRIV,
            'UPDATE' => UPDATE_PRIV,
            // 'TRIGGER' => TRIGGER_PRIV,
            // 'CREATE VIEW' => CREATE_VIEW_PRIV,
            // 'SHOW VIEW' => SHOW_VIEW_PRIV,
            // 'ALTER ROUTINE' => ALTER_ROUTINE_PRIV,
            // 'CREATE ROUTINE' => CREATE_ROUTINE_PRIV,
            // 'EXECUTE' => EXECUTE_PRIV,
            // 'FILE' => FILE_PRIV,
            // 'CREATE TEMPORARY TABLES' => CREATE_TMP_TABLE_PRIV,
            // 'LOCK TABLES' => LOCK_TABLES_PRIV,
            // 'CREATE USER' => CREATE_USER_PRIV,
            // 'PROCESS' => PROCESS_PRIV,
            // 'RELOAD' => RELOAD_PRIV,
            // 'REPLICATION CLIENT' => REPL_CLIENT_PRIV,
            // 'REPLICATION SLAVE' => REPL_SLAVE_PRIV,
            // 'SHOW DATABASES' => SHOW_DB_PRIV,
            // 'SHUTDOWN' => SHUTDOWN_PRIV,
            // 'SUPER' => SUPER_PRIV,
            'ALL PRIVILEGES' => ALL_PRIV
        );

        return $privileges[ $text ];
    }

    function UserPrivileges( $user = false ) {
        global $db;
        
        if ( $user === false ) {
            $user = 'CURRENT_USER';
        }

        $res = $db->Query( "SHOW GRANTS FOR $user" );
        $privs = array();
        while ( $row = $res->FetchArray() ) {
            $key = array_keys( $row );
            $key = $key[ 0 ];
            $grant = $row[ $key ];

            $priv = array();
            $priv[ 'GRANT_TEXT' ] = substrbetween( $grant, 'GRANT ', ' ON' );
            $priv[ 'GRANT' ] = privileges_text2constant( $priv[ 'GRANT_TEXT' ] );
            $on = substrbetween( $grant, 'ON ', ' TO' );
            $s = split( "\.", $on );
            $priv[ 'ON' ] = array( $s[ 0 ], $s[ 1 ] );
            if ( strpos( $grant, 'IDENTIFIED BY PASSWORD' ) === false ) {
                $priv[ 'TO' ] = substrbetween( $grant, 'TO ' );
            }
            else {
                $priv[ 'TO' ] = substrbetween( $grant, 'TO ', ' IDENTIFIED BY PASSWORD' );
                $priv[ 'IDENTIFIED BY' ] = substrbetween( $grant, 'IDENTIFIED BY PASSWORD ' );
            }
            $privs[ count( $privs ) ] = $priv;
        }

        return $privs;
    }

    function UserHasPrivilege( $privilege, $user = false, $db = false, $table = false ) {
        $privs = UserPrivileges();
        foreach ( $privs as $p ) {
            if ( ( $p[ 'GRANT' ] & $privilege ) && ( ( !$db || $p[ 'ON' ][ 0 ] == $db || $p[ 'ON' ][ 0 ] == '*' ) || ( !$table || $p[ 'ON' ][ 1 ] == $table || $p[ 'ON' ][ 1 ] == '*' ) ) ) {
                return true;
            }
        }

        return false;
    }

?>
